diff options
| author | Connor O'Brien <connoro@google.com> | 2020-02-13 21:45:22 -0800 |
|---|---|---|
| committer | Maciej Żenczykowski <maze@google.com> | 2020-02-14 23:28:44 +0000 |
| commit | 3278a1634ba320b9760804451f333e3dd61a2fe3 (patch) | |
| tree | b6a4044ec03e93de63d52857a44027d6731abce2 /progs/include/bpf_map_def.h | |
| parent | 83f2977da8b9a51ea665acdc6e0e336aa3781604 (diff) | |
| download | bpf-3278a1634ba320b9760804451f333e3dd61a2fe3.tar.gz | |
bpfloader: add option to set owner & group for pinned programs
Unlike maps, BPF programs currently have no natural place to declare
metadata like their desired owner & group. Add a bpf_prog_def struct
to allow setting these, located in a new "progs" section, and update
bpfloader to chown pinned programs appropriately based on this
information.
Add a #DEFINE_BPF_PROG macro to simplify adding this data for
programs. The struct name is the name of the corresponding function
with "_def" appended, which bpfloader uses to correlate a bpf_map_def
with the correct program.
Also have bpfloader set mode to 0440 for all programs, since only read
access should ever be needed
Bug: 149434314
Test: load a program that uses DEFINE_BPF_PROG and check that owner &
group are set as expected
Change-Id: I914c355f114368fe53de2c7f272d877463cba461
Signed-off-by: Connor O'Brien <connoro@google.com>
Diffstat (limited to 'progs/include/bpf_map_def.h')
| -rw-r--r-- | progs/include/bpf_map_def.h | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/progs/include/bpf_map_def.h b/progs/include/bpf_map_def.h index b233dc9..3aee332 100644 --- a/progs/include/bpf_map_def.h +++ b/progs/include/bpf_map_def.h @@ -67,3 +67,8 @@ struct bpf_map_def { unsigned int gid; // gid_t unsigned int mode; // mode_t }; + +struct bpf_prog_def { + unsigned int uid; + unsigned int gid; +}; |